Login attempts query

You can download the attempted logins using the default 'Security Audit' report, which also uses the Users query and Sessions query.

Contents:

Filters

Filter

Description

Mandatory

Filter

Description

Mandatory

Start date / Before date

Filters to show login attempts that were from the start to the end date in UTC.

YES

Data provider settings

There are no data provider settings for this query.

Columns

Name

Description

Example

Name

Description

Example

Attempted datetime (UTC)

Date and time for the login attempt in UTC. If there are multiple login attempts, this will be the most recent attempt.

23-Jan-21 14:35

Attempted UserName

User name of the user that logged in. See 'User name' field in Users (Administration).

Support

Attempted user remarks

Remarks for the user, see ‘Remarks' field in Users (Administration).

External user

Authenticated by DeviceAuthorizationID

The device authentication’s unique ID in GUID format used for access. See Device authorizations (Administration).

ID will show only if the user has logged in with a device that has been authenticated.

40e3e31e-9668-4b18-9c6f-380e7fb7b88b

Authenticated by IPWhiteListEntryID

The IP whitelist’s unique ID in GUID format used for granting access. See IP whitelist (Administration).

ID will show only if the user has logged in with an IP address that has been whitelisted.

f9e77cf8-93e4-405e-9501-0eab460e169c

Client headers

The user’s client browser information. This information is useful for showing browser used for access and debugging any login issues.

Cache-Control=max-age%3d0&Content-Length=2036&Content-Type=application%2fx-www-form-urlencoded&Accept=text%2fhtml%2capplication%2fxhtml%2bxml%2capplication%2fxml%3bq%3d0.9%2cimage%2favif%2cimage%2fwebp%2cimage%2fapng%2c*%2f*%3bq%3d0.8%2capplication%2fsigned-exchange%3bv%3db3%3bq%3d0.9&Accept-Encoding=gzip%2c+deflate%2c+br&Accept-Language=en-US%2cen%3bq%3d0.9&Host=testcustomer.test.vpn.fbo.one&Referer=https%3a%2f%2ftestcustomer.test.vpn.fbo.one%2floginpage.aspx%3fReturnUrl%3d%252fadmin%252fAdminFBOLocations.aspx%253fisinclassiciframe%253dtrue%26isinclassiciframe%3dtrue&User-Agent=Mozilla%2f5.0+(Windows+NT+10.0%3b+Win64%3b+x64)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f87.0.4280.141+Safari%2f537.36&X-Forwarded-For=10.51.1.17&X-Forwarded-Proto=https&X-Forwarded-Port=443&X-Amzn-Trace-Id=Root%3d1-600c3437-39e7ac501dc482781713e44e&sec-ch-ua=%22Google+Chrome%22%3bv%3d%2287%22%2c+%22+Not%3bA+Brand%22%3bv%3d%2299%22%2c+%22Chromium%22%3bv%3d%2287%22&sec-ch-ua-mobile=%3f0&upgrade-insecure-requests=1&origin=https%3a%2f%2ftestcustomer.test.vpn.fbo.one&sec-fetch-site=same-origin&sec-fetch-mode=navigate&sec-fetch-user=%3f1&sec-fetch-dest=iframe

Client IP address

The user’s IP address used to access FBO One. See IP whitelist (Administration) for granting access.

111.11.1.11

LoginAttemptCount

The number of login attempts until the login was successful for the user.

1

LoginAttemptID

Login attempt’s unique ID in GUID format.

be58317b-cce8-4fb3-9eae-c109b716002c

QRCode

Allows generating a QR code using data from other columns, see https://amsterdam.jira.com/wiki/spaces/MAN/pages/2445049868.

Example shown:

  • Settings: ShowBarCodeOnEveryRow=true; MultipleValuesSeparator=" | "

  • Columns: Attempted UserName, Attempted datetime (UTC), Was successful

UserID

User’s unique ID in GUID format.

987035e0-6ce9-4321-a9c4-959717cdde28

Was successful

Indicates if the user’s login attempt was successful.

TRUE

Webserver Computername

The FBO One server used for the user’s login session.

AWSUTW2